During a security assessment on a website I found a a redirection link that was reflecting the values in the Location header. The first thing that came to my mind was CRLF injection so I tried a few ...

Mike Ryan claims that it is possible to inject packets (probably with Ubertooth) in an ongoing BLE conversation. His attempt to do so lead to jamming the connection (Sources 1 and 2).
The Bluetooth ...

I live in a big brother country (Egypt, but valid to many other countries), which apparently bought Hacking team and fin fisher software since couple of years.
After reading about the very-easy ways ...

Question Summary:
I am trying to create a lab scenario wherein the "attacker" is intended to perform a directory transversal attack from an HTML page and move into the Windows system directories. Can ...

Suppose as an attacker I provide a fake certificate to a user.A warning pops up on her window but she decides to continue anyways.Is my fake certificate now added in her browser's trusted certificate ...

I want to know is there any way to hook (inline hook) an unexported API of a PE?
I have this binary (PE 32 bit) which does not uses any DLL (A statically linked binary) and I would like to know what ...

On another thread a user was trying to use SMTP injections and, as a test, trying to inject a supplementary recipient for this email.
My understanding of the issue preventing him from succeeding were ...

Situation is following:
I have identified sql injection attack vector, and have following information about target table:
It has six columns. (Identified using "order by").
I can see output of 3 of ...

I was reading an article on Great Cannon at Ars Technica (http://arstechnica.com/security/2015/04/meet-great-cannon-the-man-in-the-middle-weapon-china-used-on-github/) and it seems to me that this is ...

I'm building a mobile app that will use API created by me on my server. These API will be publicy exposed, but not publicy documented. I want to let the user to use the app without authentication for ...

So starting with the absolute basics - an exploit is the means used to gain access to a vulnerable system and a payload is the actual program/shellcode used to fulfill attacker's intentions
A staged ...

I'm new to security and currently referring to Robert Seacord's Secure Coding in C and C++. In chapter 2 of the same, the author talks about arc injection, wherein he passes the flow of control in the ...

I am trying to inject a RoR application... I have found a nice command which will allow me to delete things unchecked...but the problem is that its not a problem its a very minor point, to make it a ...

Theoretically...
In Active attacks we have "modification attack"...ie
"In a message modification attack, an intruder alters packet header addresses to direct a message to a different destination or ...

I've been monitoring some weird activity in the access logs for my site and I've noticed a couple of weird attempts against the server. I'm wondering if anyone has seen these before. It's an Apache ...

Recently, a website I hosted (wordpress I think) for a friend got hacked and all php pages had added code at the bottom in the form of "echo base64_encode(...);". Thus there were unwanted ads on very ...

I've recently created a PHP registration script for a website that a friend and I are working on. I've read up on the dangers of MySQL injection, and I was wondering if my current code is protected ...

The question is not professional, but what I'm trying to say is...
Is there any way to inject or force the DNS server to attach/change an IP address for some site. For example, I'm running an apache ...

I was researching on Injection issues in MS SQL Server. I came to read about xp_cmdshell. I think this must be enabled in the SQL server for attackers to perform many exploits. Actually what is this ...

I just tried to demonstrate a simple Web app program to simulate the Http Header Splitting attack but I failed. I realise that this sendRedirect() function has filtered my carriage return and replace ...